what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2013-10-09

Mobius Forensic Toolkit 0.5.19
Posted Oct 9, 2013
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: The partition-agent extension automatically adds partitions to case when a data source is set. New registry report: "Shared Folders". Minor improvements have been made.
tags | tool, python, forensics
systems | unix
SHA-256 | ffe982babe45ec9f674c2df0bd0a79f87feded95e42a590feafaba4dbd11c5e7
BoltWire 3.5 Cross Site Scripting
Posted Oct 9, 2013
Authored by Manuel Garcia Cardenas | Site isecauditors.com

BoltWire versions 3.5 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-2651
SHA-256 | 867b4ee582a95ee6f0520a36a920849d91e7188ae8a379ff7d0be0787ff1d938
Uebimiau 2.7.11 Cross Site Scripting / Open Redirection
Posted Oct 9, 2013
Authored by Manuel Garcia Cardenas | Site isecauditors.com

Uebimiau versions 2.7.11 and below suffer from open redirect and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-2621, CVE-2013-2622, CVE-2013-2623
SHA-256 | 5f6f119f3f4927edb7397c7d27ce0af76e8a5813ac1a85ffe0ce6012dea50016
Feng Office 2.3.2-rc Cross Site Scripting
Posted Oct 9, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Feng Office version 2.3.2-rc suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-5744
SHA-256 | 40b47e9967f44d583ce89da957cbbc397e193b6e477657fb9f14023e55e027ed
ALLPlayer 5.6.2 Buffer Overflow
Posted Oct 9, 2013
Authored by metacom

ALLPlayer version 5.6.2 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
SHA-256 | 21120b218a8965b549f27058d730f8e3a32aae233b64ec6660ba4be0e1bb42c8
Apache Sling 2.2.0 / 2.3.0 Denial Of Service
Posted Oct 9, 2013
Authored by Antonio Sanso | Site sling.apache.org

Apache Sling versions 2.2.0 and 2.3.0 suffer from infinite loop issues that can lead to denial of service.

tags | advisory, denial of service
advisories | CVE-2013-2254
SHA-256 | e8ca4a1b428c43b8ecffd2aa6fcbeba7528df723bd1d9862f6e62bef76dc47eb
(sp)iPhone: Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers
Posted Oct 9, 2013
Authored by Patrick Traynor, Arunabh Verma, Henry Carter, Philip Marquardt

This whitepaper demonstrates that an application with access to accelerometer readings on a modern mobile phone can use such information to recover text entered on a nearby keyboard. Note that unlike previous emanation recovery papers, the accelerometers on such devices sample at near the Nyquist rate, making previous techniques unworkable. Their application instead detects and decodes keystrokes by measuring the relative physical position and distance between each vibration. The authors then match abstracted words against candidate dictionaries and record word recovery rates as high as 80%. In so doing, they demonstrate the potential to recover significant information from the vicinity of a mobile device without gaining access to resources generally considered to be the most likely sources of leakage (e.g., microphone, camera).

tags | paper
SHA-256 | 8ffbeaacc095d55d31d06602fd31459f82961adc52831ec28255647e4ebb59fd
Cisco Security Advisory 20131009-fwsm
Posted Oct 9, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Firewall Services Module (FWSM) Software for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by command authorization and denial of service vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

tags | advisory, denial of service, vulnerability
systems | cisco
SHA-256 | 24986f76d8e8103c8314a8401ba31a86c9b73fe2f064d9f21a04e6f5a03a88f6
Cisco Security Advisory 20131009-asa
Posted Oct 9, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Adaptive Security Appliance (ASA) Software is affected by multiple authentication bypass and denial of service vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of the vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | cisco
SHA-256 | 8a194b186690e867a497abdf334e2b707e6cfd5f582864047d65639a45a407de
HP Security Bulletin HPSBGN02930
Posted Oct 9, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02930 - Potential security vulnerabilities have been identified with HP Intelligent Management Center(iMC) and HP IMC Service Operation Management Software Module. The vulnerabilities could be remotely exploited resulting in authentication bypass, disclosure of information, unauthorized access, and SQL injection. Revision 1 of this advisory.

tags | advisory, vulnerability, sql injection
advisories | CVE-2013-4824, CVE-2013-4825, CVE-2013-4826, CVE-2013-4827
SHA-256 | ed80653a7b39082fbd690748e17e6d6cb46a3a985f47c9488f5609c7fbb84338
HP Security Bulletin HPSBGN02929
Posted Oct 9, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02929 - Potential security vulnerabilities have been identified with HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (BIMS). The vulnerabilities could be remotely exploited resulting in code execution and disclosure of information. Note: The vulnerability solutions have been implemented in the iMC BIMS software updates. In order to be interoperable with the iMC BIMS updated software, software updates are required for Comware Based Switches and Routers that use BIMS. The software update information for the Comware Based Switches and Routers is also included in the Resolution section below. Revision 1 of this advisory.

tags | advisory, vulnerability, code execution
advisories | CVE-2013-4822, CVE-2013-4823
SHA-256 | 1a9b0267d979f31cf869ca2179651c1ca9f3ca5eca762a3f8e5b9cbf8682aaae
Debian Security Advisory 2771-1
Posted Oct 9, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2771-1 - Hamid Zamani discovered multiple security problems (buffer overflows, format string vulnerabilities and missing input sanitising), which could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2013-4256, CVE-2013-4257, CVE-2013-4258
SHA-256 | b57687c38e22878a98e500902d70eb33c32716e5c0fa274e018279b1c0e609ba
Ubuntu Security Notice USN-1988-1
Posted Oct 9, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1988-1 - It was discovered that Cyrus SASL incorrectly handled certain invalid password salts. An attacker could use this issue to cause Cyrus SASL to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2013-4122
SHA-256 | 39d8525bda057699dec1836a6af557d5c5ce99412563368481023a98369849d3
Ubuntu Security Notice USN-1987-1
Posted Oct 9, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1987-1 - Daniel Kahn Gillmor discovered that GnuPG treated keys with empty usage flags as being valid for all usages. Taylor R Campbell discovered that GnuPG incorrectly handled certain OpenPGP messages. If a user or automated system were tricked into processing a specially-crafted message, GnuPG could consume resources, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2013-4351, CVE-2013-4402, CVE-2013-4351, CVE-2013-4402
SHA-256 | fe6b43115bf990088629c8dd208be6d6502447a5e0f1583e80cfafa294f4b8a3
Debian Security Advisory 2770-1
Posted Oct 9, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2770-1 - John Fitzpatrick of MWR InfoSecurity discovered an authentication bypass vulnerability in torque, a PBS-derived batch processing queueing system.

tags | advisory, bypass
systems | linux, debian
advisories | CVE-2013-4319
SHA-256 | f2fdcb75a9312ce5e54011beca4f9336ca38ab399b314819a73d184a1bd429b0
U3-Pwn Sandisk Executable Injection Tool 2.0
Posted Oct 9, 2013
Authored by Zy0d0x | Site nullsecurity.net

U3-Pwn is a tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install. This is performed by removing the original iso file from the device and creating a new iso with autorun features.

Changes: Various updates.
tags | tool
systems | unix
SHA-256 | 0b90cef33acefa6fd9de6019e76b1e135d077fc7555d57fbf8066aa1052a3f7d
flv-player 3.5 Cross Site Scripting / Content Spoofing
Posted Oct 9, 2013
Authored by MustLive

flv-player versions 3.5 and below suffer from cross site scripting and content spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, xss
SHA-256 | 94fb74e35910da2fab16b7f9e805bd7b138ff19e20118c8c37830e0c8c1d9485
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close